gcloud-sql-backups-disabled: Automated Backups Not Enabled for Cloud SQL Instances

日期: 2025-08-01 | 影响软件: gcloud sql | POC: 已公开

漏洞描述

Ensure that automated (scheduled) backups are created for all Cloud SQL database instances available within your Google Cloud Platform (GCP) account, in order to protect against data deletion and/or data corruption.

PoC代码[已公开]

id: gcloud-sql-backups-disabled

info:
  name: Automated Backups Not Enabled for Cloud SQL Instances
  author: princechaddha
  severity: medium
  description: |
    Ensure that automated (scheduled) backups are created for all Cloud SQL database instances available within your Google Cloud Platform (GCP) account, in order to protect against data deletion and/or data corruption.
  impact: |
    If automated backups are not enabled, there is a risk of data loss or corruption with no way to recover the lost or damaged data, potentially affecting business continuity and compliance requirements.
  remediation: |
    Enable automated backups for all Cloud SQL database instances in your GCP account to ensure regular backups are taken to safeguard against data issues.
  reference:
    - https://cloud.google.com/sql/docs/mysql/backup-recovery/backups
  tags: cloud,devops,gcp,gcloud,google-cloud-sql,gcp-cloud-config

flow: |
  code(1)
  for(let projectId of iterate(template.projectIds)){
    set("projectId", projectId)
    code(2)
    for(let sqlInstance of iterate(template.sqlInstances)){
      set("sqlInstance", sqlInstance)
      code(3)
    }
  }

self-contained: true

code:
  - engine:
      - sh
      - bash
    source: |
      gcloud projects list --format="json(projectId)"

    extractors:
      - type: json
        name: projectIds
        internal: true
        json:
          - '.[].projectId'

  - engine:
      - sh
      - bash
    source: |
      gcloud sql instances list --project $projectId --format="json(name)"

    extractors:
      - type: json
        name: sqlInstances
        internal: true
        json:
          - '.[].name'

  - engine:
      - sh
      - bash
    source: |
      gcloud sql instances describe $sqlInstance --format="value(settings.backupConfiguration.enabled)"

    matchers:
      - type: word
        words:
          - 'False'

    extractors:
      - type: dsl
        dsl:
          - '"Automated backups are not enabled for SQL Instance: " + sqlInstance + " in project: " + projectId'
# digest: 4a0a00473045022045903971424b944ef4a306c915ccff4cdd35641fec7cb7a7757ea8e3f57eb813022100d8e5008193767daf63120bb731228c1d6f6ef9df8aac50e58085781f80971837:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/./cloud/gcp/sql/gcloud-sql-backups-disabled.yaml

相关漏洞推荐